XenMobile Server 10.10.0 Rolling Patch 4

Citrix Citrix

Package name: xms_10.10.0.10403.bin

For: XenMobile Server 10.10.0

Deployment type: On-premises only

Replaces: xms_10.10.0.10305.bin, xms_10.10.0.10202.bin, and xms_10.10.0.10103.bin

Date: October, 2019

Languages supported: English (US)

Readme version: 1.00

Readme Revision History

Version Date Change Description
1.00 October, 2019 Initial release

Important Notes about This Update

As a best practice, Citrix recommends that you install this and other updates only if you are affected by the specific issues they resolve.

Where to Find Documentation

This document describes the issue(s) resolved by this release and includes installation instructions. For additional product information, see XenMobile Server 10.10 on the Citrix Product Documentation site.

What’s new

Some Restrictions device policy settings available on supervised or unsupervised devices for previous iOS versions are available only on supervised devices for iOS 13+. The current XenMobile Server console tool tips don’t yet indicate that these settings are for supervised devices for iOS 13+ only.

  • Allow hardware controls:

    • FaceTime
    • Installing apps

  • Allow apps:

    • iTunes Store
    • Safari
    • Safari > Autofill

  • Network – Allow iCloud actions:

    • iCloud documents & data

  • Supervised only settings – Allow:

    • Game Center > Add friends
    • Game Center > Multiplayer gaming

  • Media content – Allow:

    – Explicit music, podcasts, and iTunes U material

These restrictions apply as follows:

  • If an iOS 12 (or lower) device already enrolled in XenMobile Server and then upgrades to iOS 13, there are no changes. The preceding settings apply to the device as before.
  • If an unsupervised iOS 13+ device enrolls in XenMobile Server, the preceding settings don’t apply to the device.
  • If a supervised iOS 13+ device enrolls in XenMobile Server, the preceding settings apply to the device.

[From xms_10.10.0.10403.bin][CXM-72730]

For information about XenMobile Server 10.10.0 Rolling Patch 3 release, see XenMobile Server 10.10.0 Rolling Patch 3.

For information about XenMobile Server 10.10.0 Rolling Patch 2 release, see XenMobile Server 10.10.0 Rolling Patch 2.

For information about XenMobile Server 10.10.0 Rolling Patch 1 release, see XenMobile Server 10.10.0 Rolling Patch 1.

Known Issue(s) in this Release

There are no known issues in this release.

New Fixes in This Update

  1. The XenMobile Server console responds slowly.

    [From xms_10.10.0.10403.bin][CXM-69018]

  2. Apple recently published a knowledge article that lists host names that must remain open to ensure proper operation of macOS, iOS, and iTunes. Blocking those host names can affect the installation, update, and proper operation of the following: iOS, iOS apps, MDM operation, and device and app enrollment. For more information, see https://support.apple.com/en-us/HT201999.

    [From xms_10.10.0.10403.bin][CXM-70934]

  3. After enrolling a new device or re-enrolling an old device, an error message intermittently displays on the Manage tab.

    [From xms_10.10.0.10403.bin][CXM-72308]

  4. MAM devices wipe apps and app data because of a failure to get user domain details causing the device to assume the user is deleted.

    [From xms_10.10.0.10403.bin][CXM-72316]

  5. When attempting to update a public iOS app using XenMobile Server, a configuration error appears.

    [From xms_10.10.0.10403.bin][CXM-72353]

  6. The RBAC role “Tier 2 techs” can’t create enrollment invitations to a user group with more than 2000 users. Only full admin users can create the invitations.

    [From xms_10.10.0.10403.bin][CXM-72354]

  7. After you deploy the App Access device policy, non-compliant devices don’t trigger the configured action.

    [From xms_10.10.0.10403.bin][CXM-72356]

  8. When you check the Tomcat server status, you may get the return value of 1 instead of 0 even though the server status is normal.

    [From xms_10.10.0.10403.bin][CXM-72357]

  9. Unable to get the VPP for app version B2B when the platform parameter is incorrectly set in MDM API contentMetadataLookup.

    [From xms_10.10.0.10403.bin][CXM-72767]

  10. On iOS devices, administrators may lose the ability to send an “unlock device” command to passcode protected devices after the device is upgraded to iOS 13.1.x. To resolve this issue, see https://support.citrix.com/article/CTX262076.

    [From xms_10.10.0.10403.bin][CXM-73150]

Fixes From Replaced Releases

  1. Newly imported CA certificates are not visible in the Public-Key Interface (PKI) entries.

    [From xms_10.10.0.10305.bin][CXM-67982]

  2. Secure Hub for iOS is timed out when StoreFront server is not reachable, and it does not enumerate any MDX apps.

    [From xms_10.10.0.10305.bin][CXM-68133]

  3. On the XenMobile Server console, the value of the client property has a character limit of 256.

    [From xms_10.10.0.10305.bin][CXM-68385]

  4. When you configure VPN policy using Citrix SSO VPN on the XenMobile Server iOS platform, and edit the Prompt for PIN when connecting, it is reverted to Off.

    [From xms_10.10.0.10305.bin][CXM-68466]

  5. On devices running Android, sometimes you are unable to update the enterprise app.

    [From xms_10.10.0.10305.bin][CXM-68640]

  6. The keystore table count keeps increasing, even if the related devices and enrollments are deleted, which might impact system performance.

    [From xms_10.10.0.10305.bin][CXM-69017]

  7. In Android Enterprise devices that are already enrolled, the new required apps to the AllUsers delivery group are not displayed in Google Play Store.

    [From xms_10.10.0.10305.bin][CXM-69070]

  8. When you update an Enterprise app to the latest version, which was previously updated via REST API, the version number is not updated.

    [From xms_10.10.0.10305.bin][CXM-69202]

  9. When adding a VPP account (Settings > iOS Settings), the following message appears if the token exceeds 350 characters: “The entered company token is not valid, please enter a new one.”

    [From xms_10.10.0.10202.bin][CXM-68114]

  10. The Secure Hub Apple Push Notification Service (APNs) certificate for XenMobile Server 10.10 will expire on August 2, 2019. As a result, the Agent Notification fails and the application push might be delayed on iOS devices.

    With this update, the Secure Hub APNs certificate will be renewed and will expire on July 12, 2020.

    [From xms_10.10.0.10202.bin][CXM-68353]

  11. Apple Volume Purchase Program (VPP) apps don’t import into XenMobile Server. This issue occurred after Apple changed the URL for apps from itunes.apple.com to apps.apple.com.

    [From xms_10.10.0.10202.bin][CXM-68615]

  12. With iOS VPP configured in XenMobile, iBooks obtained through VPP don’t appear on the Configure > Media page as described in Add media.

    [From xms_10.10.0.10103.bin][CXM-66161]

  13. In XenMobile Server, publish an MDX app for iOS or Android platform. The XenMobile Server Public API does not support the modification of App description in the corresponding platform.

    [From xms_10.10.0.10103.bin][CXM-66449]

  14. Sometimes when Secure Hub is disconnected, security actions need to be performed twice to trigger Firebase Cloud Messaging (FCM) notifications for an event.

    [From xms_10.10.0.10103.bin][CXM-66911]

  15. In the dashboard, the number of Pending Activation Requests under the Notifications section are displayed incorrectly.

    [From xms_10.10.0.10103.bin][CXM-66914]

  16. The Firebase Cloud Messaging (FCM) token on the XenMobile Server doesn’t change until you delete or uninstall the Secure Hub.

    [From xms_10.10.0.10103.bin][CXM-66923]

  17. While enrolling Android enrolment for devices, the following error appears: Cannot decrypt value.

    [From xms_10.10.0.10103.bin][CXM-66928]

  18. The name and owner of your Android Enterprise enterprise might not display correctly in the Google Play store administrator console.

    [From xms_10.10.0.10103.bin][CXM-66933]

Installing This Update

Note: If your system is configured in cluster mode, follow the steps below to update each node, one after the other.

Important: Before installing this update, take a snapshot of the current settings and create a backup of the database.

  1. Log on to your account on the Citrix website and download the XenMobile Server update (.bin) file to an appropriate location.
  2. In the XenMobile Server Console of a node click Settings > Release Management. The Release Management page appears, which displays the currently installed software version, as well as a list of any updates, patches, and upgrades you have already uploaded.
  3. Under Release Management, click Update. The Update dialog box appears.
  4. Click Browse to upload the update (.bin) file you have downloaded from support.citrix.com.
  5. Click Update and then if prompted, restart the XenMobile Server node using command line.

To verify the patch deployment

After installing this patch, log on to the XenMobile Server Console as an administrator, then navigate to Settings > Release Management > Updates. Information about the most recent successful patch installation appears in this section.

Related:

Leave a Reply